[Snort-users] SMB alerts

Scott Elgram SElgram at ...10477...
Fri Aug 13 13:55:09 EDT 2004

    I am having a bit of trouble getting SMB alerts to work.  I have compiled snort-2.1.3 "--with-mysql=/usr/local/mysql --enable-smbalerts".  And I added this to the ruleset containing the rules I want to be alerted for.

ruletype smb_db_alert {
    type alert
    output alert_msb: workstation.list
    output database: log, mysql, user=<dbuser> password=<password> dbname=snort host=localhost encoding=hex detail=Full

However, After all that when I start snort i get;

ERROR: unknown output plugin: 'alert_smb'Fatal Error, Quitting

Any help would be appreciated greatly.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20040813/b98d9797/attachment.html>

More information about the Snort-users mailing list